commit adae6f1191279924b2af177e3e8ba94ce7516212
Author: Yusuke Suzuki <ysuzuki@apple.com>
Date:   Wed Mar 1 23:59:09 2023 -0800

    [JSC] x64 CCall returnValueGPR is not in m_validGPRs
    https://bugs.webkit.org/show_bug.cgi?id=253227
    rdar://106127760
    
    Reviewed by Mark Lam.
    
    x64's returnValueGPR is not in m_validGPRs. So we cannot bind it to Location.
    We should move it to argumentGPR0 if returnValueGPR is not argumentGPR0, this is kind of a hack and we should
    change emitCCall in the future to make it more barebone like DFG's callOperation.
    
    * Source/JavaScriptCore/wasm/WasmBBQJIT.cpp:
    (JSC::Wasm::BBQJIT::emitCCall):
    
    Canonical link: https://commits.webkit.org/261048@main

Index: webkit2gtk-2.39.91/Source/JavaScriptCore/wasm/WasmBBQJIT.cpp
===================================================================
--- webkit2gtk-2.39.91.orig/Source/JavaScriptCore/wasm/WasmBBQJIT.cpp
+++ webkit2gtk-2.39.91/Source/JavaScriptCore/wasm/WasmBBQJIT.cpp
@@ -6298,13 +6298,22 @@
         case TypeKind::Array:
         case TypeKind::Struct:
         case TypeKind::Func: {
-            resultLocation = Location::fromGPR(GPRInfo::returnValueGPR);
+            resultLocation = Location::fromGPR(GPRInfo::argumentGPR0);
+            if constexpr (GPRInfo::argumentGPR0 != GPRInfo::returnValueGPR) {
+                ASSERT(m_dataScratchGPR == GPRInfo::returnValueGPR);
+                m_jit.move(GPRInfo::returnValueGPR, GPRInfo::argumentGPR0);
+            }
             break;
         }
         case TypeKind::F32:
-        case TypeKind::F64:
+        case TypeKind::F64: {
+            resultLocation = Location::fromFPR(FPRInfo::returnValueFPR);
+            ASSERT(m_validFPRs.contains(FPRInfo::returnValueFPR, Width::Width128));
+            break;
+        }
         case TypeKind::V128: {
             resultLocation = Location::fromFPR(FPRInfo::returnValueFPR);
+            ASSERT(m_validFPRs.contains(FPRInfo::returnValueFPR, Width::Width128));
             break;
         }
         case TypeKind::Void:
